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Posit Connect with Kubernetes 
Off-Host (Containerized) Content Execution 


For organizations who want content-level containerization for strict process isolation and control over 
resource utilization, Posit Connect supports off-host execution on Kubernetes. This feature set does not 
require R and Python users to build and manage their own containers. 


When Connect launches a process to preparea ° Best suited for organizations already heavily 

build environment, render a document, or run invested in using Kubernetes with IT administrators 
an interactive application, it uses a Kubernetes who have a working knowledge of Helm 

container instead of a local process. These 
jobs are external to the container running 
Connect. All content types 


(R, Python, Quarto) are supported. Generally available in Posit connect 2023.05.0 
and above 


Requires an Enterprise Posit Connect 
(or Posit Team) license 
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PRODUCT-LEVEL CONTAINERIZATION CONTENT-LEVEL 


CONTAINERIZATION 


Local Execution Off-Host Execution 


Overview The Connect application service and all Content processes are started in isolated Pods 
published content execute on the same host on Kubernetes, external to the server container 


Process Process Sandboxing provides partial isolation. Content-level isolation with separate containers 
Isolation Containers must run in privileged mode and Kubernetes VolumeMounts, and no 
(docker run --privileged) privileged execution requirement 


Environment Administrators install one or more Administrators control available images. 
Management versions of R, Python, and Quarto. Connect Publishers can choose a specific image for 
attempts to match published content with executing their content or allow Connect to 
an available runtime pick one automatically 


Resource Content-level controls for RAM Content-level controls for CPU and RAM 


Utilization 
Controls 


Oft-Host Execution FAQs 


Q: WHAT DO DATA SCIENCE 
PUBLISHERS NEED TO KNOW ABOUT 
OFF-HOST EXECUTION? 


Data scientists are not required to have 
knowledge of containers to publish content. 
Advanced Publishers can target a specific 
image for their deployments, change the 
execution environment after content is 
deployed, and set content-level memory and 
CPU requests and limits. 


Q: CAN I RUN POSIT CONNECT IN A 
CONTAINER ON KUBERNETES WITHOUT 
OFF-HOST EXECUTION? 


Yes, definitely. The difference comes down to 
deciding which kind of process isolation and 
content execution you want to enable (refer 
back to the Local vs. Off-Host Execution table). 


Q: IS OFF-HOST EXECUTION FULLY 
SUPPORTED AND APPROVED FOR USE 
IN PRODUCTION ENVIRONMENTS? 


Yes, starting with Posit Connect 2023.05.0 
Off-Host Execution is generally available (GA). 


Q: WHAT CAN ADMINISTRATORS 
DO WITH OFF-HOST EXECUTION? 


Administrators can: 


* Manage content execution environments 
(images) through the new Environments 
dashboard UI or programmatically using 
the Connect Server API 


e Configure and set content-level Kubernetes 
service accounts to facilitate access to 
external resources without sharing secrets 
through environment variables 


e Configure global optima (min and max) for 
content-level memory and CPU requests 
and limits 


Q: WHAT ARE THE REQUIREMENTS 
FOR RUNNING POSIT CONNECT WITH 
OFF-HOST EXECUTION? 


Posit Connect >= v2023.05.0 

A valid Posit Connect enterprise license 
Kubernetes 

e A working Kubernetes cluster 

e kubectl 

e Helm v3 

PostgreSQL 


NFS 


Q: ARE THERE ANY ADDITIONAL 
CONSIDERATIONS? 


Posit Connect must run either in local 
mode or off-host execution mode; it is not 
possible to run in both modes at once. 


Processes take longer to launch when using 
Kubernetes than with local processes. 
Image size and Kubernetes scheduler 
overhead can contribute to slower process 
startup. 


The Posit Connect dashboard 
Admin>Metrics view shows CPU/RAM for 
the Connect container and does not graph 
CPU/RAM for the content jobs. Current 
CPU/RAM for each job is listed in the 
Processes table. 


Off-host execution is currently only 
available for Kubernetes. 


LEARN MORE at pos.it/connect-docs 
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